<?php
	include ("../DatabaseConnectionInformation.php");

	// получаем переменные из формы
	$username=$_POST['username'];
	$msg=$_POST['msg'];
	$action=$_POST['action'];
	$receiver = $_POST["interlocutor"];
	
	//echo $username;
    $dbh = mysql_connect($host, $user, $pswd) or die("Cannot connect to MySQL.");
    mysql_select_db($database) or die("Cannot connect to database.");

	if ($action=="add")
	{
		// добавление данных в БД
		$msg = htmlspecialchars(stripslashes($msg));	//fixes funny security hole
		$sql="INSERT INTO `history`(sender, receiver, message, time) VALUES ('$username', '$receiver', '$msg', NOW() )";
		$r=mysql_query($sql) or die("Invalid query: " . mysql_error());
	}
	
	/*
	if ($action=="delete")
	{
		// удаление базы
		$sql="DELETE FROM `history`";
		$r=mysql_query($sql);
	}
	*/

	mysql_close($dbh);
	header("Location: chat.php");
?>
